A server and a client can be protected such as with a secure socket layer (SSL) connection between the server and client. SSL is a protocol that provides security for communications over networks such as the Internet. A server may obtain a certificate for allowing an encryption key to be generated for establishing the SSL connection with a client. A certificate can contain the name of the server or other entity that is being identified, the server's public key, the name of the issuing CA, and other information proving that the certificate is authenticated. When a certificate is issued, the certificate and certificate information are typically stored in one or more databases. Other information may include a public key, a private key for decrypting encrypted content, and/or whether or not a certificate is trusted for a particular purpose (trust information). For example, a user may wish to view an encrypted email message received by the user and a client email application can search for the private key to decrypt the email.
The key may be associated with a particular cryptographic standard, such as public key cryptography standard (PKCS), for example, the PKCS #11 industry standard. An application, such as a web browser or an email application, can construct a request for the key through a security module, such as a network security services (NSS) module. Typically, applications identify the database to be opened in the request and initialize NSS to open the particular database to provide SSL services.
The application can also call different system library services, such as for HTTP operations, LDAP operations, etc. The system libraries may also initialize NSS for NSS to provide SSL services. When NSS is initialized, NSS causes a module to open a database, such as a database storing a key. However, when NSS is running as a result of a first initialization by a library or an application, NSS is unable to open another database for any subsequent initialization requests. An application and library, therefore, are unable to access another database until NSS is shut down and re-initialized.